87 lines
2.9 KiB
YAML
87 lines
2.9 KiB
YAML
---
|
|
- name: Setup Caddy
|
|
hosts: privfrontends
|
|
roles:
|
|
- role: caddy-ansible
|
|
caddy_systemd_capabilities_enabled: true
|
|
caddy_config: "{{ lookup('template', './templates/Caddyfile.j2') }}"
|
|
caddy_user: "caddy"
|
|
caddy_home: "/var/lib/caddy"
|
|
caddy_packages: ["github.com/caddy-dns/rfc2136@master"]
|
|
# Static weekly builds of caddy with rfc2136 dns plugin
|
|
caddy_url_base: "https://cb.projectsegfau.lt/api/download"
|
|
tasks:
|
|
# This is run again so config still updates even if i dont run the role which isnt needed most of the time
|
|
- name: Copy Caddyfile
|
|
ansible.builtin.template:
|
|
src: ./templates/Caddyfile.j2
|
|
dest: /etc/caddy/Caddyfile
|
|
mode: preserve
|
|
tags: caddy-non-update
|
|
- name: Copy per-server caddy extras
|
|
ansible.builtin.copy:
|
|
src: "./templates/{{ inventory_hostname }}/"
|
|
dest: /etc/caddy/
|
|
directory_mode: true
|
|
mode: preserve
|
|
tags: caddy-non-update
|
|
- name: Reload Caddy
|
|
ansible.builtin.service:
|
|
name: caddy
|
|
enabled: true
|
|
state: reloaded
|
|
tags: caddy-non-update
|
|
- name: Setup docker compose for privacy frontends
|
|
hosts: privfrontends
|
|
vars:
|
|
docker_services:
|
|
- anonymousoverflow
|
|
- breezewiki
|
|
- gothub
|
|
- gothub-dev
|
|
- librarian
|
|
- libreddit
|
|
- nitter
|
|
- rimgo
|
|
- safetwitch
|
|
- scribe
|
|
- simplytranslate
|
|
- teddit
|
|
- watchtower
|
|
tasks:
|
|
# community.docker does not support compose 2.0 right now.
|
|
# https://github.com/ansible-collections/community.docker/issues/216
|
|
- name: Update docker compose files and restart those with changes
|
|
ansible.builtin.include_tasks: docker-tasks.yaml
|
|
with_items: "{{ docker_services }}"
|
|
tags: docker
|
|
- name: Setup docker compose for privacy frontends (non-pizza1)
|
|
hosts: in,us
|
|
vars:
|
|
non_pizza_docker_services:
|
|
- searxng
|
|
- hyperpipe
|
|
tasks:
|
|
# community.docker does not support compose 2.0 right now.
|
|
# https://github.com/ansible-collections/community.docker/issues/216
|
|
- name: Update docker compose files and restart those with changes (Privacy Frontends but without Pizza1)
|
|
ansible.builtin.include_tasks: docker-tasks.yaml
|
|
with_items: "{{ non_pizza_docker_services }}"
|
|
tags: docker
|
|
|
|
- name: Setup cron jobs
|
|
hosts: privfrontends
|
|
tasks:
|
|
- name: Restart invidious every hour
|
|
ansible.builtin.cron:
|
|
name: "hourly invidious restart"
|
|
special_time: hourly
|
|
job: "docker restart invidious-invidious-1 && curl https://healthchecks.projectsegfau.lt/ping/{{ invidious_hc_uuid }}"
|
|
tags: cron
|
|
- name: Restart teddit every hour
|
|
ansible.builtin.cron:
|
|
name: "hourly teddit restart"
|
|
special_time: hourly
|
|
job: "docker restart teddit && curl https://healthchecks.projectsegfau.lt/ping/{{ teddit_hc_uuid }}"
|
|
tags: cron
|